Configuring the secblade ips card – H3C Technologies H3C SecBlade IPS Cards User Manual

12

To do…

Use the command…

Remarks

Enter the view of
the 10GE interface
connected to the

SecBlade IPS card

interface
Ten-GigabitEthernet
interface-number

Required

Configure the link
type of the
interface as access

port link-type access

Required
By default, the link type of an interface is

access.

Add the interface
to a VLAN

port access vlan vlan-id

Required
Add the internal interface to the
management VLAN.

Configure the
extended port

connection mode

for the port

port connection-mode
extend

Required

Return to system
view

quit

Required

Save the configuration to a
configuration file

save [ file-name | [ safely ] Required

Configuring the SecBlade IPS card

Configure the SecBlade IPS card as follows.

•

Configure the IP address of the management interface at the CLI and use the IP address to login to

the web interface of the SecBlade IPS card.

•

Configure the internal interface and the OAA client and test its connectivity to the switch.

•

Create security zones and add the interfaces of the switch to corresponding security zones.

•

Create a segment and add internal and external zones to the segment.

Follow these steps to configure the SecBlade IPS card:

To do…

Use the command…

Remarks

Configure redirection from
the device to the OAP system
(for centralized stacking

devices/distributed devices)

oap connect [ slot slot-number ] system
system-name

Required
Perform this operation in user

view to enter the CLI of the
SecBlade IPS card.

Enter system view

system-view

—

Enter management interface
view

interface meth interface-number Optional

Configure an IP address for

the management interface

ip address ip-address mask

Optional
By default, the IP address of the

management interface meth0/0 is
192.168.1.1.

Enable the management
interface

undo shutdown

Required
Disabled by default.